Certified Ethical Hacker Domain 4: Information Security Tools, Systems and Programs

Introduction

This domain of the Certified Ethical Hacker (CEH) certification reviews the different classes of tools, systems and programs involved during the different phases of hacking or during host and network protection. Because it is the largest domain in the exam, candidates will need to put in significant work. They will be tested on their understanding of various concepts and on their choice of appropriate tools for problem solving, in both offensive and defensive approaches.

An Overview of the Domain

This domain carries a weight of 28.91% of the total exam. You should expect a total of 36 test items here, with 7 testing Information Security Systems, 5 testing Information Security Programs and 24 testing Information Security Tools. Let’s discuss these sections, taking note of important tools and concepts.

Information Security Systems

In this section, we discuss the common information security systems that the exam is most likely to review. Candidates will be tested on their understanding of firewalls, intrusion detection and prevention systems, SIEM solutions and authentication servers. Once they have studied these technologies, they can be sure of scoring highly on any questions originating from this section. Let’s now discuss each of these, taking note of important points.

a) Firewalls

The exam tests a general understanding of how firewalls function. Candidates are required to know the placement of a firewall in a network and the effects that placement may have on the network. Candidates should, for example, understand why network firewalls are primarily placed between the DMZ and the internal network.

Some rule sets are also common across different firewall vendors. For example, an organization may implement an “Allow SSH Traffic” rule to allow SSH access from any IP address to all instances within a data center.
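As an added illustration (not part of the original post, and not any vendor's rule syntax), the sketch below evaluates a first-match rule set containing the “Allow SSH Traffic” rule described above, then audits it for administrative ports reachable from any source. The rule layout, networks, the bastion subnet and the function names are all assumptions made for this example.

```python
import ipaddress

# Constructed rule set for illustration (names, networks and field layout are
# assumptions, not any vendor's syntax). Rules are evaluated top-down and the
# first match wins; unmatched traffic falls through to an implicit deny.
RULES = [
    {"name": "Allow SSH Traffic", "action": "allow", "proto": "tcp",
     "src": "0.0.0.0/0", "dst": "10.20.0.0/16", "ports": (22, 22)},
    {"name": "Allow HTTPS to web tier", "action": "allow", "proto": "tcp",
     "src": "0.0.0.0/0", "dst": "10.20.1.0/24", "ports": (443, 443)},
]

# Narrower variant: SSH only from a (constructed) bastion subnet.
HARDENED = [dict(RULES[0], name="Allow SSH from bastion", src="10.99.0.0/28"),
            RULES[1]]

def evaluate(rules, proto, src, dst, port):
    """Return (action, rule name) for one connection attempt, first match wins."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        lo, hi = r["ports"]
        if (r["proto"] == proto and lo <= port <= hi
                and s in ipaddress.ip_network(r["src"])
                and d in ipaddress.ip_network(r["dst"])):
            return r["action"], r["name"]
    return "deny", "implicit deny"

def audit_open_admin(rules, admin_ports=(22,)):
    """Names of allow rules that expose an admin port to any source address."""
    findings = []
    for r in rules:
        lo, hi = r["ports"]
        any_src = ipaddress.ip_network(r["src"]).prefixlen == 0
        if (r["action"] == "allow" and any_src
                and any(lo <= p <= hi for p in admin_ports)):
            findings.append(r["name"])
    return findings

if __name__ == "__main__":
    probe = ("tcp", "203.0.113.7", "10.20.5.9", 22)  # constructed external source
    print(evaluate(RULES, *probe), audit_open_admin(RULES))
    print(evaluate(HARDENED, *probe), audit_open_admin(HARDENED))
```

With the any-source rule, the external probe is allowed and the audit flags the rule; with the source restricted to the bastion subnet, the same probe falls through to the implicit deny.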

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Lester Obbayi. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/5a0iotapQiY/